open C++ projects for a source code analysis?

daviddda

Born

Posts: 1

3+ Months Ago

Hi, I am trying to find the best source code analyzer for C++ code. Basically, I am trying to analyze the security issues (buffer overflow, SQL injection, etc.) of an application. Therefore, I downloaded some source code analyzer testing tools. But I don’t know which one is the best one. Therefore, before I start to analyze my project, I want to test their ability to find security issues on a random open source C++ project (especially programs with some network communication). I would like to ask if you know of a webpage where I can download some open source C++ projects with an attached list of known security bugs. I would import this open source project into Eclipse or Microsoft Visual Studio (so it's also important that the code is compatible with one of these) and test the code with several code analyzers. Afterwards I will try to understand all the warnings and errors found by the source code analyzers and compare them with those known by the author, in order to find the best source code analysis tool. Thank you a lot for your help. David

Don2007

Web Master

Posts: 4923

Loc: NY

3+ Months Ago

I don't know any tools but here are some sites that might help you.

http://www.cert.org/books/secure-coding/samples.html

http://insecure.org/sploits.html

mk27

Proficient

Posts: 334

3+ Months Ago

daviddda wrote:

Hi, I am trying to find the best source code analyzer for a C++ code. Basically, I am trying to analyze the security issues (buffer overflow, SQL injection etc.) of an application.

I think it will be way better to educate yourself on what those issues are so you can avoid them, rather than rely on some other software, since stuff like potential buffer overflows can be impossible to detect.

Also, maintain some kind of "test harness" with the project that intentionally tries to exploit and abuse inputs, etc.
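Added example, not part of the original thread: a minimal sketch of the kind of input-abuse test harness suggested above, written for a C++ network parser. The length-prefixed wire format, `parse_name`, `run_abuse_harness` and the 16-byte buffer are all assumptions made for illustration; the inputs are constructed.

```cpp
// Added example (not from the thread); wire format and names are assumed.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

constexpr std::size_t kMaxName = 16;  // fixed-size destination buffer

// Assumed wire format: 1 length byte, then that many name bytes.
// Rejects the message instead of copying when the length cannot be trusted.
bool parse_name(const std::vector<std::uint8_t>& msg, char (&out)[kMaxName]) {
    if (msg.empty()) return false;             // no length byte at all
    const std::size_t len = msg[0];
    if (len >= kMaxName) return false;         // no room for name plus NUL
    if (len > msg.size() - 1) return false;    // length field exceeds payload
    std::memcpy(out, msg.data() + 1, len);
    out[len] = '\0';
    return true;
}

struct Case { std::string label; std::vector<std::uint8_t> msg; bool expect_ok; };

// Feeds constructed hostile and boundary inputs; returns the mismatch count.
int run_abuse_harness() {
    std::vector<Case> cases = {
        {"empty message",          {},                 false},
        {"zero-length name",       {0},                true},
        {"valid name",             {3, 'b', 'o', 'b'}, true},
        {"length exceeds payload", {5, 'a', 'b'},      false},
        {"length equals buffer",   {},                 false},
        {"largest name that fits", {},                 true},
        {"maximum length byte",    {},                 false},
    };
    cases[4].msg.assign(1 + kMaxName, 'A'); cases[4].msg[0] = kMaxName;
    cases[5].msg.assign(kMaxName, 'A');     cases[5].msg[0] = kMaxName - 1;
    cases[6].msg.assign(1 + 255, 'A');      cases[6].msg[0] = 255;
    int failures = 0;
    for (const Case& c : cases) {
        char name[kMaxName] = {};
        if (parse_name(c.msg, name) != c.expect_ok) {
            std::cout << "FAIL: " << c.label << '\n';
            ++failures;
        }
    }
    return failures;
}

int main() { return run_abuse_harness() == 0 ? 0 : 1; }
```

Building the harness with AddressSanitizer enabled (`-fsanitize=address` in GCC or Clang) makes an out-of-bounds copy abort the run even when the return value happens to look correct.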

neocambell

Born

Posts: 2

3+ Months Ago

It all depends on your code size. If it is a huge codebase, it is not easy, and it is time consuming, to check for errors manually. If it is small code, say about 10000 lines in total, then you may try to study the logic.

Automated code analyzers are not 100% accurate. However, those are good and useful when it comes to large projects to get an indication of the quality of the code, potential errors, etc...

Writing code from scratch is the easiest bit. However we might need to get support from such tools in case it is someone else's code.

Neo

heilrick

Born

Posts: 1

3+ Months Ago

A number of the comments posted are very good, especially about educating yourself about the issues (security). It has been my experience that no single code analysis tool does it all, and I therefore use a combination of them. If you are using VS Team System like we do here, the static analysis is built in to Visual Studio and will detect things like your buffer overruns, etc., and it works with unmanaged C++ as well. It does a pretty good job, but I also use an open source tool called cppcheck (sourceforge) and with some trickery, it will integrate into Visual Studio seamlessly and send its output to the IDE output window. Microsoft also has a free tool for detecting SQL injection issues, "Microsoft source code analyzer for SQL injection..." Let me know if you want more on how to hook up cppcheck into VS. I would not try to use someone else's code, but focus on your own issues. They are likely to be very different.